Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CI test for the triple masking #1007

Open
wants to merge 4 commits into
base: develop
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ target
stack.yaml.lock
**/history.txt
**/__pycache__

.idea

node_modules
Expand Down
31 changes: 21 additions & 10 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,6 @@ members = [
"src/components/contracts/modules/evm/precompile/basic",
"src/components/contracts/modules/evm/precompile/frc20",
"src/components/contracts/modules/evm/precompile/modexp",
"src/components/contracts/modules/evm/precompile/sha3fips",
"src/components/contracts/modules/evm/precompile/anemoi",
"src/components/contracts/modules/evm/precompile/blake2",
"src/components/contracts/modules/evm/precompile/bn128",
Expand All @@ -37,22 +36,34 @@ members = [
]

[profile.dev]
incremental = false
opt-level = 3
lto = "thin"
incremental = true
debug-assertions = true
debug = true
panic = 'abort'
overflow-checks = true

[profile.release]
opt-level = 3
lto = "thin"
incremental = false
overflow-checks = true
panic = 'abort'

[profile.bench]
opt-level = 3
debug = false
rpath = false
lto = "thin"
codegen-units = 1
incremental = true
debug-assertions = false
overflow-checks = false

[profile.dev.package.curve25519-dalek]
opt-level = 1
overflow-checks = false

[patch.crates-io]
ed25519-dalek = { git = "https://github.com/FindoraNetwork/ed25519-dalek", rev = "ad461f" }
curve25519-dalek = { git = "https://github.com/FindoraNetwork/curve25519-dalek", rev = "a2df65" }
x25519-dalek = { git = "https://github.com/FindoraNetwork/x25519-dalek", rev = "53bb1a" }
[profile.test]
opt-level = 2
lto = "off"
incremental = true
debug-assertions = true
debug = true
2 changes: 2 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -27,3 +27,5 @@ The primary license for Platform is the Business Source License 1.1 (`BUSL-1.1`)
### Exceptions

- All files in `components/contracts` are licensed under `Apache-2.0`


15 changes: 7 additions & 8 deletions src/components/abciapp/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -15,18 +15,18 @@ path = "src/bins/abcid.rs"

[dependencies]
parking_lot = "0.12"
base64 = "0.12"
base64 = "0.13"
bincode = "1.3.1"
tracing = "0.1"
rand = "0.8"
rand_chacha = "0.2"
rand_core = { version = "0.5", default-features = false, features = ["alloc"] }
rand_chacha = "0.3"
rand_core = { version = "0.6", default-features = false, features = ["alloc"] }
attohttpc = { version = "0.23", default-features = false, features = ["compress", "json", "tls-rustls"] }
serde = { version = "1.0.124", features = ["derive"] }
serde_json = "1.0.40"
lazy_static = "1.4.0"
futures = { version = "0.3.16", features = ["thread-pool"] }
hex = "0.4.2"
hex = "0.4.3"
ctrlc = { version = "=3.2.5", features = ["termination"] }
protobuf = "2.16"
toml = "0.5.8"
Expand All @@ -41,15 +41,14 @@ percent-encoding = "2.1.0"

nix = "0.22.1"

zei = { git = "https://github.com/FindoraNetwork/zei", branch = "stable-main" }
zei = { package="platform-lib-noah", git = "https://github.com/FindoraNetwork/platform-lib-noah", branch = "develop" }
ruc = { version = "1.0.5", default-features = false, features = ["compact"] }
abci = { git = "https://github.com/FindoraNetwork/tendermint-abci", tag = "0.7.6" }
config = { path = "../config"}
ledger = { path = "../../ledger" }

globutils = { git = "https://github.com/FindoraNetwork/platform-lib-utils", tag = "v1.0.0" }
cryptohash = { git = "https://github.com/FindoraNetwork/platform-lib-cryptohash", tag = "v1.0.0" }

globutils = { git = "https://github.com/FindoraNetwork/platform-lib-utils", branch = "develop" }
cryptohash = { git = "https://github.com/FindoraNetwork/platform-lib-cryptohash", branch = "develop" }
finutils = { path = "../finutils" }

tempfile = "3.1.0"
Expand Down
1 change: 0 additions & 1 deletion src/components/abciapp/src/abci/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -94,7 +94,6 @@ pub fn run() -> Result<()> {
"http://{}:{}",
config.tendermint_host, config.tendermint_port
);

// keep them running in the background,
// avoid being dropped by the jsonrpc crate.
mem::forget(fc_rpc::start_web3_service(
Expand Down
119 changes: 107 additions & 12 deletions src/components/abciapp/src/abci/server/callback/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -2,13 +2,6 @@
//! # Impl function of tendermint ABCI
//!

use globutils::wallet;
use ledger::{
data_model::ASSET_TYPE_FRA,
staking::{FF_ADDR_EXTRA_120_0000, FF_ADDR_LIST},
};
use zei::xfr::asset_record::AssetRecordType;

mod utils;

use {
Expand All @@ -32,11 +25,15 @@ use {
STATE_UPDATE_LIST, TXS, WEB3_SERVICE_START_HEIGHT,
},
fp_storage::hash::{Sha256, StorageHasher},
globutils::wallet,
lazy_static::lazy_static,
ledger::{
converter::is_convert_account,
data_model::Operation,
staking::{evm::EVM_STAKING, KEEP_HIST, VALIDATOR_UPDATE_BLOCK_ITV},
data_model::{Operation, Transaction, ASSET_TYPE_FRA},
staking::{
evm::EVM_STAKING, FF_ADDR_EXTRA_120_0000, FF_ADDR_LIST, KEEP_HIST,
VALIDATOR_UPDATE_BLOCK_ITV,
},
store::{
api_cache,
fbnc::{new_mapx, Mapx},
Expand All @@ -56,6 +53,7 @@ use {
},
},
tracing::{error, info},
zei::noah_api::xfr::asset_record::AssetRecordType,
};

pub(crate) static TENDERMINT_BLOCK_HEIGHT: AtomicI64 = AtomicI64::new(0);
Expand Down Expand Up @@ -100,9 +98,15 @@ pub fn info(s: &mut ABCISubmissionServer, req: &RequestInfo) -> ResponseInfo {
&& h < CFG.checkpoint.enable_frc20_height
{
resp.set_last_block_app_hash(la_hash);
} else {
} else if h < CFG.checkpoint.enable_triple_masking_height {
let cs_hash = s.account_base_app.write().info(req).last_block_app_hash;
resp.set_last_block_app_hash(app_hash("info", h, la_hash, cs_hash));
} else {
let cs_hash = s.account_base_app.write().info(req).last_block_app_hash;
let tm_hash = state.get_anon_state_commitment().0;
resp.set_last_block_app_hash(app_hash_v2(
"info", h, la_hash, cs_hash, tm_hash,
));
}
}

Expand Down Expand Up @@ -140,6 +144,18 @@ pub fn check_tx(s: &mut ABCISubmissionServer, req: &RequestCheckTx) -> ResponseC
TxCatalog::FindoraTx => {
if matches!(req.field_type, CheckTxType::New) {
if let Ok(tx) = convert_tx(req.get_tx()) {
for op in tx.body.operations.iter() {
if let Operation::TransferAnonAsset(op) = op {
let mut inputs = op.note.body.inputs.clone();
inputs.sort();
inputs.dedup();
if inputs.len() != op.note.body.inputs.len() {
resp.log = "anon transfer input error".to_owned();
resp.code = 1;
return resp;
}
}
}
if td_height > CFG.checkpoint.check_signatures_num {
for op in tx.body.operations.iter() {
if let Operation::TransferAsset(op) = op {
Expand Down Expand Up @@ -171,6 +187,11 @@ pub fn check_tx(s: &mut ABCISubmissionServer, req: &RequestCheckTx) -> ResponseC
} else if TX_HISTORY.read().contains_key(&tx.hash_tm_rawbytes()) {
resp.log = "Historical transaction".to_owned();
resp.code = 1;
} else if is_tm_transaction(&tx)
&& td_height < CFG.checkpoint.enable_triple_masking_height
{
resp.code = 1;
resp.log = "Triple Masking is disabled".to_owned();
}
} else {
resp.log = "Invalid format".to_owned();
Expand Down Expand Up @@ -272,6 +293,18 @@ pub fn deliver_tx(
match tx_catalog {
TxCatalog::FindoraTx => {
if let Ok(tx) = convert_tx(req.get_tx()) {
for op in tx.body.operations.iter() {
if let Operation::TransferAnonAsset(op) = op {
let mut inputs = op.note.body.inputs.clone();
inputs.sort();
inputs.dedup();
if inputs.len() != op.note.body.inputs.len() {
resp.log = "anon Transfer input error".to_owned();
resp.code = 1;
return resp;
}
}
}
if td_height > CFG.checkpoint.check_signatures_num {
for op in tx.body.operations.iter() {
if let Operation::TransferAsset(op) = op {
Expand Down Expand Up @@ -336,7 +369,7 @@ pub fn deliver_tx(
if let Err(err) =
s.account_base_app.write().deliver_findora_tx(&tx, &hash.0)
{
info!(target: "abciapp", "deliver convert account tx failed: {err:?}");
error!(target: "abciapp", "deliver convert account tx failed: {err:?}");

resp.code = 1;
resp.log =
Expand Down Expand Up @@ -375,6 +408,16 @@ pub fn deliver_tx(
.db
.write()
.discard_session();
} else if is_tm_transaction(&tx)
&& td_height < CFG.checkpoint.enable_triple_masking_height
{
info!(target: "abciapp",
"Triple Masking transaction(FindoraTx) detected at early height {}: {:?}",
td_height, tx
);
resp.code = 2;
resp.log = "Triple Masking is disabled".to_owned();
return resp;
} else if CFG.checkpoint.utxo_checktx_height < td_height {
match tx.check_tx() {
Ok(_) => {
Expand Down Expand Up @@ -597,8 +640,11 @@ pub fn commit(s: &mut ABCISubmissionServer, req: &RequestCommit) -> ResponseComm
&& td_height < CFG.checkpoint.enable_frc20_height
{
r.set_data(la_hash);
} else {
} else if td_height < CFG.checkpoint.enable_triple_masking_height {
r.set_data(app_hash("commit", td_height, la_hash, cs_hash));
} else {
let tm_hash = state.get_anon_state_commitment().0;
r.set_data(app_hash_v2("commit", td_height, la_hash, cs_hash, tm_hash));
}

IN_SAFE_ITV.store(false, Ordering::Release);
Expand Down Expand Up @@ -728,3 +774,52 @@ fn app_hash(
la_hash
}
}

/// Combines ledger state hash and EVM chain state hash
/// and print app hashes for debugging
fn app_hash_v2(
when: &str,
height: i64,
mut la_hash: Vec<u8>,
cs_hash: Vec<u8>,
tm_hash: Vec<u8>,
) -> Vec<u8> {
info!(target: "abciapp",
"app_hash_{}: {}_{}_{}, height: {}",
when,
hex::encode(la_hash.clone()),
hex::encode(cs_hash.clone()),
hex::encode(tm_hash.clone()),
height
);

if !cs_hash.is_empty() {
la_hash.extend_from_slice(&cs_hash);

if !tm_hash.is_empty() {
la_hash.extend_from_slice(&tm_hash);
}

Sha256::hash(la_hash.as_slice()).to_vec()
} else if !tm_hash.is_empty() {
la_hash.extend([0u8; 32]);
la_hash.extend_from_slice(&tm_hash);

Sha256::hash(la_hash.as_slice()).to_vec()
} else {
la_hash
}
}

fn is_tm_transaction(tx: &Transaction) -> bool {
tx.body
.operations
.iter()
.try_for_each(|op| match op {
Operation::BarToAbar(_a) => None,
Operation::AbarToBar(_a) => None,
Operation::TransferAnonAsset(_a) => None,
_ => Some(()),
})
.is_none()
}
Loading